MS-500: Microsoft knows what you did last summer!

Well, here we are.  Staring down the barrel of another Microsoft test.  The beads of sweat drip down your forehead….am I going to get multiple choice?  Case Studies?? LABS?!?!?!  Well…maybe!

Okay, so here’s the deal.  I’ve taken several Microsoft certification exams at this point.  It’s almost become a bit of a hobby during this “Year of the ‘Rona,” but…that’s another blog post.

Does this mean I’m an expert?  No.  Does this mean I know all there is to know?  Heavens no.  Does it mean there may or may not be something wrong with me?  More than likely…also another blog post.

But, I digress.


What I do know is the following:
  • Whatever you think you know, you don’t
  • You will wonder why the content you studied doesn’t remotely resemble the content of the exam questions
  • No matter how much you pour through blog posts and the Microsoft Docs and Learn sites, you will invariably say out loud “Um….what?” when taking a Microsoft exam
  • Actually, don’t say that out loud, your Proctor may give you a talking to
  • You will question yourself.  Your abilities.  Whether or not you have ‘Imposter Syndrome’
  • You’ll question what language the exam is actually written in and whether or not you have the comprehension skills to decipher them

To that I say:  Welcome to Microsoft Certification Exams!


You are the chosen few.  The Brave!  The Morally strong!!  The Chosen ones!!!

You have embarked on a journey that will make you feel weak.  Small.  Even question your career choice and your sanity!

Drama and joking aside, the MS-500 is one of the steps in your adventure toward the Office 365 Expert Certification.  MUST you take it?  No.  Should you?  More than likely, yes.  Whether you’re supporting the SMB market (Small/Medium Businesses) or larger enterprises, the reality is everyone needs to know the tools available to them to secure their environments, protect their data, prove their compliance and set their Stakeholders at ease.


With such a large portion of the workforce performing their duties remotely, we’ve seen large increases in Ransomware attacks, identify theft, and impersonation scams targeting this new remote workforce.

To that end, Microsoft 365 has solutions in place to help ensure that those who need access, have it and those who don’t, or who are attempting to gain access in nefarious ways, are kept out.

The path to the Microsoft 365 Expert badge can vary a bit depending on your role and station in your career, but you really can’t go wrong with any of the prerequisite exams.  They’re all relevant, depending on your career path.

Today though, we’ll be focusing on the MS-500 or the Microsoft 365 Security Administration certification.


You’ll be faced with 40-60 questions that cover an array of topics such as:
  • Implementing and managing identity and access (30-35%)
  • Implementing and managing threat protection (20-25%)
  • Implementing and managing information protection (15-20%)
  • Managing governance and compliance features in Microsoft 365 (25- 30%)


A few things that set this test apart from my previous experiences:
  • We are not in “Fundamentals” territory anymore
  • You may get labs. This requires logging into a VM and performing a task
  • You may get case studies. This requires a lot of reading and digesting of information; some of which will be relevant, some of which won’t be depending on what questions are ultimately asked
  • You get 3 hours to take this one, so buckle up
  • All the reading and back and forth you’ll be doing for the case studies and other more involved scenario-based questions doesn’t mean the clock stops ticking


This is not going to be a yes/no or multiple choice only exam.  You will need to apply your knowledge to solve problems which is a step up from the foundational exams where you really only need to know the high-level view instead of the more practical, hands-on knowledge needed for this exam.

I highly recommend either being involved in a project at work or, at the very least, testing and implementing these things in a trial account.

You will want to see Advanced Threat Protection (ATP), Security, Privacy and Compliance features in action before taking the exam.  Do NOT go into this blind unless you have a fair bit of experience implementing and configuring ATP, MFA, AIP, Conditional Access, creating sensitivity and retention labels, and other such features of Microsoft 365.


Trust me, without this practical knowledge, you will struggle.


The more I climb the certification tree, the more I’m seeing the need to have actually seen and done the tasks you’re being questioned on.  You can only read so much.  Screenshots provide a glimpse, but not the whole picture.  You’ll need to show you can do it and not just talk about it.  This isn’t an exam focused around definitions and buzzwords as much as it is about the practice and implementation of the security solutions offered by the Microsoft 365 suite.


The more you can practice implementing these solutions, the better off you’ll be.


I have faith that you Microsoft warriors can slay this certification beast and continue your journey to that Expert badge!

Shawn Collins

Shawn has spent the last 9 years in IT and is the Cloud Services Manager at Cloudforce. He holds MS-900, AZ-900, PL-900, MS-500, CompTIA Project+ and ITIL 4 Foundation certifications. Ever since he was a kid messing around with the old 8088's, he knew there was a future in technology. From the cacophony of a dial-up connection to eagerly anticipating that "You've got mail" to administering accounts through MS365; DOS to Windows 95 to Windows 10; Server 2003 to Server 2019; HTML and FrontPage to Word Press and Wix; and floppy disks to Cloud storage. He has touched, seen and used a large variety of hardware and software over the years...and has barely scratched the surface.

Recommended for you.